This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I am using spring security for maintaining user authentication and authorization. We have different roles for our site. Now a admin can see all the logged in users and can logout any user from admin page.
I have an approach to make a custom filter and put it in the filter chain process of spring security. This filter will put the userId and sessionId of the user(after sucessful login), to a hashmap. A admin can iterate and see all the logged in users by iterating to that hash map.
Now when he clicks on logout button, how do i invalidate the session for that particular users. I can get sessionId based on a userId from hashmap, but i have no idea what to do with this session as i have no method like
Can someone please help me with any idea?
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
subject: explicitly making any user logout from the site